<?php
if (!defined('IN_CONTEXT')) die('access violation error!');

class controller_check extends lib_controller
{
	private $current_time;
	private $current_user;
	private $prefix;
	private $ip;
	
	public function init($action)
	{
		$operations = lib_toolkit::getOperations();
		
		if($action == 'checkItemPage' || $action == 'doAddItemPage' || $action == 'doAddItemType' || $action == 'doAddItem' || $action == 'doDeleteItem' || $action == 'editItemPage' || $action == 'doUpdateItem')
		{
			if(!in_array('doSetItem', $operations))
			{
				die("Permission denied.");
			}
		}
		
		$_session_ = $this->_session_;
		$this->current_user = $_session_->getSession('u_name');
		
		$_xml_ = $this->_xml_;
		$this->prefix = $_xml_->getConfig('data/prefix');
		
		$this->ip = $_SERVER['REMOTE_ADDR'];
		$this->current_time = time();
		lib_toolkit::filterBrowserScript();
	}
	
	public function checkItemPage()
	{
		$add_item_address = 'index.php?_m=check&_a=doAddItemPage';
		$_mysql_ = $this->_mysql_;

		$items = array();
		$item_types = array();
		$tmp_arr = array();
		$items = $_mysql_->findAll("check_items","1=1 ORDER BY c_type_id");
		$tmp_arr = $_mysql_->findAll("check_types");
		foreach($tmp_arr as $v)
		{
			$item_types[$v['ct_id']] = $v['ct_name'];
		}
		
		$this->assign('add_item_address', $add_item_address);
		$this->assign('items', $items);
		$this->assign('item_types', $item_types);
	}
	
	public function doAddItemPage()
	{
		$_mysql_ = $this->_mysql_;
		$types = array();
		$types = $_mysql_->findAll("check_types");
		
		$this->assign('next_controller', 'check');
		$this->assign('next_action', 'doAddItem');
		$this->assign('types', $types);
	}
	
	public function doAddItemType()
	{
		$this->_layout = 'response';
		
		$_mysql_ = $this->_mysql_;
		$ct_name = trim($_GET['name']);
		$prefix = $this->prefix;
		
		if(empty($ct_name))
		{
			$res_arr = array('result' => 'error','errmsg' => 'Data is empty.');
			$res_str = json_encode($res_arr);
			$this->assign('res_str', $res_str);
			return 'result';
		}
		
		$check_types = $_mysql_->findAll('check_types'); 
		foreach($check_types as $v)
		{
			if($v['ct_name'] == $ct_name)
			{
				$res_arr = array('result' => 'error','errmsg' => 'This item name has existed.');
				$res_str = json_encode($res_arr);
				$this->assign('res_str', $res_str);
				return 'result';
			}
		}
		
		$current_time = $this->current_time;
		$u_name = $this->current_user;
		$ip = $this->ip;
		$_mysql_->customSql("INSERT INTO {$prefix}check_types (ct_name) VALUES ('$ct_name')");
		$_mysql_->customSql("INSERT INTO {$prefix}logs (log_operation,log_time,log_ip,log_desc,log_operator) VALUES ('add item type',$current_time,'$ip','add item type:$ct_name','$u_name')");
		
		$res_arr = array('result' => 'ok','sucmsg' =>"Add item type successfully.");
		$res_str = json_encode($res_arr);
		$this->assign('res_str', $res_str);
		return 'result';
	}
	
	public function doAddItem()
	{
		$this->_layout = 'response';
		
		$c_type = trim($_POST['c_type']);
		$c_desc = trim($_POST['c_desc']);
		
		if(empty($c_type) || empty($c_desc))
		{
			$res_arr = array('result' => 'error','errmsg' => 'Data is empty.');
			$res_str = json_encode($res_arr);
			$this->assign('res_str', $res_str);
			return 'result';
		}
		
		$check_items = array();
		$_mysql_ = $this->_mysql_;
		$check_items = $_mysql_->findAll('check_items');
		foreach($check_items as $v)
		{
			if($v['c_desc'] == $c_desc)
			{
				$res_arr = array('result' => 'error','errmsg' => 'This item has existed.');
				$res_str = json_encode($res_arr);
				$this->assign('res_str', $res_str);
				return 'result';
			}
		}
		
		$prefix = $this->prefix;
		$u_name = $this->current_user;
		$ip = $this->ip;
		$current_time = $this->current_time;
		
		$_mysql_->customSql("INSERT INTO {$prefix}check_items (c_type_id,c_desc) VALUES ($c_type,'$c_desc')");
		$_mysql_->customSql("INSERT INTO {$prefix}logs (log_operation,log_time,log_ip,log_desc,log_operator) VALUES ('add checking item',$current_time,'$ip','add checking item desc:$c_desc','$u_name')");
		$res_arr = array('result' => 'ok','sucmsg' =>"Add checking item successfully.");
		$res_str = json_encode($res_arr);
		$this->assign('res_str', $res_str);
		return 'result';
	}
	
	public function doDeleteItem()
	{
		$this->_layout = 'response';
		$c_id = trim($_GET['id']);
		if(empty($c_id))
		{
			$res_arr = array('result' => 'error','errmsg' => 'Data is empty.');
			$res_str = json_encode($res_arr);
			$this->assign('res_str', $res_str);
			return 'result';
		}
		
		$_mysql_ = $this->_mysql_;
		$prefix = $this->prefix;
		$ip = $this->ip;
		$u_name = $this->current_user;
		$current_time = $this->current_time;
		
		$_mysql_->customSql("DELETE FROM {$prefix}check_items WHERE c_id = $c_id");
		$_mysql_->customSql("INSERT INTO {$prefix}logs (log_operation,log_time,log_ip,log_desc,log_operator) VALUES ('delete checking item',$current_time,'$ip','delete checking item id:$c_id','$u_name')");
		
		$res_arr = array('result' => 'ok','sucmsg' =>"Delete checking item successfully.");
		$res_str = json_encode($res_arr);
		$this->assign('res_str', $res_str);
		return 'result';
	}
	
	public function editItemPage()
	{
		$c_id = trim($_GET['c_id']);
		
		if(empty($c_id))
		{
			die("Data is empty.");
		}
		
		$_mysql_ = $this->_mysql_;
		
		$items = array();
		$types = array();
		
		$types = $_mysql_->findAll('check_types');
		$items = $_mysql_->find('check_items',"c_id = $c_id");
		
		if(empty($items))
		{
			die("Data is empty.");
		}
		
		$this->assign('next_controller', 'check');
		$this->assign('next_action', 'doUpdateItem');
		$this->assign('types',$types);
		$this->assign('items', $items);
	}
	
	public function doUpdateItem()
	{
		$this->_layout = 'response';
		
		$c_type = trim($_POST['c_type']);
		$c_desc = trim($_POST['c_desc']);
		$c_id = trim($_POST['c_id']);
		
		if(empty($c_type) || empty($c_desc) || empty($c_id))
		{
			$res_arr = array('result' => 'error','errmsg' => 'Data is empty.');
			$res_str = json_encode($res_arr);
			$this->assign('res_str', $res_str);
			return 'result';
		}
		
		$_mysql_ = $this->_mysql_;
		$result = $_mysql_->findAll('check_items',"c_desc = '$c_desc' AND c_id <> $c_id");
		
		if(!empty($result))
		{
			$res_arr = array('result' => 'error','errmsg' => 'This item has existed.');
			$res_str = json_encode($res_arr);
			$this->assign('res_str', $res_str);
			return 'result';	
		}
		
		$prefix = $this->prefix;
		$u_name = $this->current_user;
		$current_time = $this->current_time;
		$ip = $this->ip;
		
		$_mysql_->customSql("UPDATE {$prefix}check_items SET c_type_id = $c_type,c_desc = '$c_desc' WHERE c_id = $c_id");
		$_mysql_->customSql("INSERT INTO {$prefix}logs (log_operation,log_time,log_ip,log_desc,log_operator) VALUES ('update checking item',$current_time,'$ip','update checking item id:$c_id','$u_name')");
		
		$res_arr = array('result' => 'ok','sucmsg' =>"Delete checking item successfully.");
		$res_str = json_encode($res_arr);
		$this->assign('res_str', $res_str);
		return 'result';
	}
}
?>